On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected.
2023-10-17T07:15:10.090
2024-11-21T08:34:22.010
Modified
CVSSv3.1: 2.7 (LOW)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | wago | compact_controller_100_firmware | ≤ 26 | Yes |
| Hardware | wago | compact_controller_100 | - | No |
| Operating System | wago | edge_controller_firmware | ≤ 26 | Yes |
| Hardware | wago | edge_controller | - | No |
| Operating System | wago | pfc100_firmware | ≤ 26 | Yes |
| Hardware | wago | pfc100 | - | No |
| Operating System | wago | pfc200_firmware | ≤ 26 | Yes |
| Hardware | wago | pfc200 | - | No |
| Operating System | wago | touch_panel_600_advanced_firmware | ≤ 26 | Yes |
| Hardware | wago | touch_panel_600_advanced | - | No |
| Operating System | wago | touch_panel_600_marine_firmware | ≤ 26 | Yes |
| Hardware | wago | touch_panel_600_marine | - | No |
| Operating System | wago | touch_panel_600_standard_firmware | ≤ 26 | Yes |
| Hardware | wago | touch_panel_600_standard | - | No |